From 994590531e3059b78f3f423918dfe36f5e284e33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adri=C3=A0=20Mercader?= Date: Fri, 18 Nov 2011 14:30:10 +0000 Subject: [PATCH] [ckan harvester] Support for creating read-only packages --- README.rst | 11 +++++++++-- ckanext/harvest/harvesters/ckanharvester.py | 21 ++++++++++++++++++++- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/README.rst b/README.rst index 7ce3098..67273ac 100644 --- a/README.rst +++ b/README.rst @@ -132,6 +132,12 @@ field. The currently supported configuration options are: needs to have permission for creating packages, and if default groups were defined, the user must have permission to assign packages to these groups. +* read_only: Create harvested packages in read-only mode. Only the user who + performed the harvest (the one defined in the previous setting or the + 'harvest' sysadmin) will be able to edit and administer the packages + created from this harvesting source. Logged in users and visitors will be + only able to read them. + Here is an example of a configuration object (the one that must be entered in the configuration field):: @@ -139,7 +145,8 @@ the configuration field):: "api_version":"1", "default_tags":["new-tag-1","new-tag-2"], "default_groups":["my-own-group"], - "user":"harverster-user" + "user":"harverster-user", + "read_only": true } @@ -288,7 +295,7 @@ Finally, on a third console, run the following command to start any pending harvesting jobs:: paster harvester run --config=../ckan/development.ini - + After packages have been imported, the search index will have to be updated before the packages appear in search results (from the ckan directory): diff --git a/ckanext/harvest/harvesters/ckanharvester.py b/ckanext/harvest/harvesters/ckanharvester.py index 919af83..4f86032 100644 --- a/ckanext/harvest/harvesters/ckanharvester.py +++ b/ckanext/harvest/harvesters/ckanharvester.py @@ -234,7 +234,26 @@ class CKANHarvester(HarvesterBase): package_dict['groups'] = [] package_dict['groups'].extend([g for g in default_groups if g not in package_dict['groups']]) - return self._create_or_update_package(package_dict,harvest_object) + result = self._create_or_update_package(package_dict,harvest_object) + + if result and self.config.get('read_only',False) == True: + + package = model.Package.get(package_dict['id']) + + # Clear default permissions + model.clear_user_roles(package) + + # Setup harvest user as admin + user_name = self.config.get('user',u'harvest') + user = model.User.get(user_name) + pkg_role = model.PackageRole(package=package, user=user, role=model.Role.ADMIN) + + # Other users can only read + for user_name in (u'visitor',u'logged_in'): + user = model.User.get(user_name) + pkg_role = model.PackageRole(package=package, user=user, role=model.Role.READER) + + except ValidationError,e: self._save_object_error('Invalid package with GUID %s: %r' % (harvest_object.guid, e.error_dict), harvest_object, 'Import')